can i block a specific IP using the host files?


mantra
February 21st, 2011, 03:50 AM
Hi


Can I block a specific IP using the hosts file, without writing the name of the site?

For example, I want to block this IP -> 195.244.116.92

It's just an example.

I edited the hosts file like this:

127.0.0.1 localhost
127.0.0.1 195.244.116.92

but it seems it doesn't work.

What's the problem?

I have a firewall, but I would love to know if I can block an IP by editing the hosts file.

Thanks
Cheers

Cudni
February 21st, 2011, 04:12 AM
The hosts file only blocks an IP address tied to a host name, so 195.244.116.92 = www.somesite.org

Creer
February 21st, 2011, 04:30 AM
Hi,

As Cudni mentioned, it won't work since the Hosts file overrides any information that would be retrieved from a DNS server.

Mantra, in that case you can try using PeerBlock and enter there the list of IPs you would like to block.
http://www.peerblock.com/userguide/how_to_use/htu-creatinglists

mantra
February 21st, 2011, 05:28 AM
-{ Quote: "Hi,

As Cudni mentioned, it won't work since the Hosts file overrides any information that would be retrieved from a DNS server.

Mantra, in that case you can try using PeerBlock and enter there the list of IPs you would like to block.
http://www.peerblock.com/userguide/how_to_use/htu-creatinglists" }-
Thanks a lot for the link file host editor.

But PeerBlock should be loaded in memory to block the IPs? Like a firewall?

thanks again

mantra
February 21st, 2011, 05:32 AM
-{ Quote: "The hosts file only blocks an IP address tied to a host name, so 195.244.116.92 = www.somesite.org" }-
Is there a way to get, with precision, the host name from an IP?

Creer
February 21st, 2011, 05:40 AM
You are welcome.

That's right. To make it suitable for your needs you can disable all other lists (except the one you created) in PB - it will run faster at startup without checking/loading/downloading all the other lists from the Internet.

I don't use PB on a daily basis since I haven't needed to block any IPs so far. (BTW, it uses ~2-5MB RAM on my machine.)

Please note: if your firewall allows you to specify an IP address for in/out connections, like e.g. LNS, then you will be able to block a single IP address. But if you have a long list of IPs that you want to block, PeerBlock will be more flexible/efficient in that case.

Creer
February 21st, 2011, 05:48 AM
-{ Quote: "Is there a way to get, with precision, the host name from an IP?" }-
This is not as precise as we all would like, but you can try to do a little investigation:

http://whois.domaintools.com/195.244.116.92
You can see netname and descr and also IP range:

inetnum: 195.244.116.80 - 195.244.116.95
netname: ICE-HOUSING-NET1
descr: ICESTORM Entertainment GmbH

Search Google for this company and you will find the site: icestorm.de

Now ping this domain:

ping icestorm.de
~pings this IP:
[195.244.116.90]

HTH

Sully
February 21st, 2011, 01:40 PM
Hosts file is useful for a NAME that may have a dynamic IP. You put in
127.0.0.1 sample-site.com
and no matter what that IP is, it will redirect it back to localhost.

A long time ago, when Prevx first came out, I used it. Later, they dropped the updates for the original free version. What they did was OK, but it always tried to update. I believe they changed the update servers or something. Anyway, it amounted to a netblock of IP addresses, and a number of different names. My host file had I believe a dozen entries, something like

127.0.0.1 prevx.update.1.com
127.0.0.1 prevx.update.2.com

(just an example, not real names ;) )

I was looking for a way to minimize the number of hosts entries, because I only needed to block a couple of IP addresses. At that time I made a little tool I called IPPT. Don't remember what the name meant, or really how it works, as it was quite a while ago.

Anyway, what I did, because M$ gave me no other method, was to make a persistent route for an IP address. Something like
route
IP Address 1.2.3.4 (the address you want to block)
on subnet
255.255.255.255
to non-existent network IP of LAN
192.168.1.250

All this did was to say any traffic heading to 1.2.3.4 was to be routed to 192.168.1.250 as the gateway (instead of the real 192.168.1.1 gateway). It meant that those packets were routed to an unused IP on my LAN, and they were blocked from going online.

If I were to do this now, I would probably use IPSEC to do it.

Just some food for thought :)

Sul.
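
Added example, not part of any post in this thread: a small Python check that finds hosts-file lines like the `127.0.0.1 195.244.116.92` entry from the first post, where the name column is itself an IP address. Such a line has no effect because a connection made straight to an address never goes through name resolution. The script then prints Windows commands that act on the address instead. The sample file is constructed; the dead gateway 192.168.1.250 is the unused LAN address from Sully's post, and the `netsh advfirewall` rule assumes the built-in Windows Firewall rather than any firewall named in the thread.

```python
import ipaddress

# Constructed sample: the entries from the first post plus one valid name entry.
SAMPLE_HOSTS = """\
# sample hosts file (constructed)
127.0.0.1 localhost
127.0.0.1 195.244.116.92
127.0.0.1 sample-site.com www.sample-site.com  # valid: names, not addresses
"""

def is_ip(token):
    """True if token parses as an IPv4 or IPv6 address."""
    try:
        ipaddress.ip_address(token)
        return True
    except ValueError:
        return False

def lint_hosts(text):
    """Return (line_no, ip_literal) for every name column that is really an IP."""
    findings = []
    for no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()  # drop comments, split columns
        if len(fields) < 2 or not is_ip(fields[0]):
            continue  # blank, comment-only or malformed line
        for name in fields[1:]:
            if is_ip(name):
                # The resolver only consults this column for names, so an
                # address here is never matched against outgoing connections.
                findings.append((no, name))
    return findings

def block_commands(ip, dead_gateway="192.168.1.250"):
    """Windows commands that block the address itself (run as administrator)."""
    ipaddress.IPv4Address(ip)            # reject anything but plain IPv4
    ipaddress.IPv4Address(dead_gateway)  # assumed-unused LAN address
    return [
        # Persistent host route to an unused LAN address, as Sully describes.
        f"route -p add {ip} mask 255.255.255.255 {dead_gateway}",
        # Outbound block rule in the built-in Windows Firewall (assumption).
        f'netsh advfirewall firewall add rule name="block {ip}" '
        f"dir=out action=block remoteip={ip}",
    ]

if __name__ == "__main__":
    for no, ip in lint_hosts(SAMPLE_HOSTS):
        print(f"line {no}: '{ip}' is an address, not a name; entry has no effect")
        print("\n".join(block_commands(ip)))
```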